blob: e5eeb1bb363d0a4d7e7a425e9e61988291571aa2 [file] [log] [blame]
# ==================================================================================
# Copyright (c) 2019-2020 Nokia
# Copyright (c) 2018-2020 AT&T Intellectual Property.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ==================================================================================
# This container uses a 2 stage build!
# Tips and tricks were learned from: https://pythonspeed.com/articles/multi-stage-docker-python/
FROM python:3.8-alpine AS compile-image
# upgrade pip as root
RUN pip install --upgrade pip
# Gevent needs gcc, make, file, ffi
RUN apk update && apk add gcc musl-dev make file libffi-dev
# create a non-root user. Only really needed in stage 2,
# however this makes the copying easier and straighttforward;
# pip option --user doesn't do the same thing if run as root
RUN addgroup -S a1user && adduser -S -G a1user a1user
# switch to the non-root user for installing site packages
USER a1user
# Speed hack; we install gevent before a1 because when building repeatedly (eg during dev)
# and only changing a1 code, we do not need to keep compiling gevent which takes forever
RUN pip install --user gevent
COPY setup.py /home/a1user/
COPY a1/ /home/a1user/a1
RUN pip install --user /home/a1user
###########
# 2nd stage
FROM python:3.8-alpine
# copy rmr libraries from builder image in lieu of an Alpine package
COPY --from=nexus3.o-ran-sc.org:10002/o-ran-sc/bldr-alpine3-rmr:4.0.2 /usr/local/lib64/librmr* /usr/local/lib64/
# copy python modules; this makes the 2 stage python build work
COPY --from=compile-image /home/a1user/.local /home/a1user/.local
# create mount point for dir with rmr routing file as named below
RUN mkdir -p /opt/route/
# create a non-root user
RUN addgroup -S a1user && adduser -S -G a1user a1user
# ensure the non-root user can read python files
RUN chown -R a1user:a1user /home/a1user/.local
# switch to the non-root user for security reasons
USER a1user
# misc setups
EXPOSE 10000
ENV LD_LIBRARY_PATH /usr/local/lib/:/usr/local/lib64
ENV RMR_SEED_RT /opt/route/local.rt
ENV PYTHONUNBUFFERED 1
# pip installs console script to ~/.local/bin so PATH is critical
ENV PATH=/home/a1user/.local/bin:$PATH
# Run!
CMD run-a1